The DNSSEC Industry Coalition (DIC) was founded in the U.S. with the goal to drive further development and acceptance of the DNSSEC security protocol. The consortium includes a half dozen top Domain Name Registries and software developers that are currently laying out an action plan.

Despite regular crises in the Domain Name System (DNS) and weaknesses of relevant software, such as shown by recent DNS attacks, the DNSSEC protocol has had a slow adoption rate. According to a recent survey by the Measurement Factory, among the estimated 11.9 million existing nameservers only a minute proportion use DNSSEC. The coalition intends to address this issue.

Certain registries have found common ground. Among them are the ones for the top domains .org, .info, .edu, .com, .net, and for country specific ones like .se, .uk, .tv and .cc. Add to these software providers such as ISC and BIND, which is by far the greatest provider of nameserver software.

In their announcement, the members of the DNSSEC Industry Coalition promise to develop common tools and applications to make DNSSEC easier to adopt. They also intend to set an example. The effect this will have on users outside the big ISPs is still to be seen. Technical solutions for DNSSEC have existed for a long time, but top name registries have been reluctant to adopt them up to now.

Dan Kaminsky, front man of the DNS attacks band the middle of 2008, has delivered a retrospective at the 25th annual Chaos Communication Congress (25C3) on the background and process of DNS vulnerability. But he also set his sights on the future. And outside-the-box thinker Dan J. Bernstein also had a thing or two to say.

After 10 years the industry-independent Internet Systems Consortium (ISC) is embarking on a completely new BIND implementation with BIND 10. Its patrons and sponsors should ensure that the market leader in DNS implementation is more secure, flexible and highly scalable, although developers are keeping the details close to their chests at present.